Various Web vulnerability test platforms

Sqli Lab
? Support for error injection, two injections, blind, update injection, insert injection, HTTP header injection, two injection exercises, etc. Support for Get and post two ways. Https://github.com/Audi-1/sqli-labs

DVWA (Dam vulnerable WEB application)
DVWA is a web vulnerability test program written in Php+mysql for general Web vulnerability teaching and testing. Contains a number of common security vulnerabilities such as SQL injection, XSS, and blinds.
http://www.dvwa.co.uk/

Mutillidaemutillidae
is a free, open source Web application that provides specifically allowed security testing and intrusion of Web applications. It is made up of Adrian "Irongeek" Crenshaw and Jeremy "webpwnized" Druin. Development of a free and open source

Web application. It includes rich penetration testing projects such as SQL injection, cross-site scripting, clickjacking, local file inclusion, remote code execution, and more.
Http://sourceforge.net/projects/mutillidae

Sqlol
is a configurable SQL injection test platform that contains a series of challenge tasks that allow you to test and learn SQL injection statements in a challenge. This program was released by Spider Labs at the Austin Hacker Conference.
Https://github.com/SpiderLabs/SQLol

Hackxorhackxor
is a online hacking game developed by albino and can be deployed with the full version installed, including common web vulnerability Walkthroughs. Contains common vulnerabilities such as XSS, CSRF, SQL injection, RCE, and so on.
Http://sourceforge.net/projects/hackxor

Bodgeitbodgeit
Is a Java-written vulnerability Web program. He contains issues such as XSS, SQL injection, debug code, CSRF, unsafe object applications, and program logic.
Http://code.google.com/p/bodgeit

Exploit kb/exploit.co.il
The program contains a variety of vulnerable web applications that can test various SQL injection vulnerabilities. This application is also included in the BT5.
Http://exploit.co.il/projects/vuln-web-app

Wackopickowackopicko
is a vulnerable Web application published by Adam Doupé to test the Web Application Vulnerability Scanning Tool. It contains command-line injections, SessionID issues, file inclusions, parameter tampering, SQL injection, XSS, flash form reflective XSS,

Weak password scanning, etc.
Https://github.com/adamdoupe/WackoPicko

Webgoatwebgoat
is a flawed Java EE Web application maintained by the famous owasp, which is not a bug in the program, but is deliberately designed to teach Web application security courses. This app provides a realistic teaching environment for

Provide clues about the completion of the course.
Http://code.google.com/p/webgoat

OWASP hackademicowasp hackademic
is a project developed by owasp that you can use to test various attack techniques that currently contain 10 problematic Web applications.
Https://code.google.com/p/owasp-hackademic-challenges

Xsseducationxsseducation
is a set of programs developed by AJ00200 that specifically test cross-site. It contains tests for various scenarios.
Http://wiki.aj00200.org/wiki/XSSeducation